JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.243.130

74.7.243.130 was found in our database!

This IP was reported 279 times. Confidence of Abuse is 77%: ?

77%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.243.130

Whois 74.7.243.130

IP Abuse Reports for 74.7.243.130:

This IP address has been reported a total of 279 times from 84 distinct sources. 74.7.243.130 was first reported on November 19th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 15:47:58 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:47:50.968228 2026] [security2:error] [pid 7348:tid 7348] [client 74.7.243.130:42054] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lertap5.com\|F\|2"] [data ".assess.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.assess.com"] [unique_id "aiwqJjOiEQmkCRXUUYIzBgAAAAo"], referer: http://lertap5.com/HTMLHelp/Lrtp59HTML/exporttoxcalibre_4_1.htm show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-12 12:54:06 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 LotPhantom	2026-06-12 10:57:40 (2 days ago)	74.7.243.130 - - [12/Jun/2026:10:56:39 +0000] "GET / HTTP/2.0" 404 0 "-" "Mozilla/5.0 AppleWebKit/53 ... show more 74.7.243.130 - - [12/Jun/2026:10:56:39 +0000] "GET / HTTP/2.0" 404 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" ... show less	Web App Attack Bad Web Bot
🇫🇷 masterguru	2026-06-12 10:57:09 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇪🇸 masterguru	2026-06-10 04:08:59 (4 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "GPTBot" at REQUEST_HEADERS:user-agent. (1100000-122 ... show more BAD BOT - Detected and Blocked.. Matched phrase "GPTBot" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-04 08:56:56 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:56:51.702038 2026] [security2:error] [pid 11658:tid 11658] [client 74.7.243.130:44762] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.yaseminelhan.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.yaseminelhan.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aiE90xTlY5FYX7mGcTM_gwAAAAI"], referer: https://www.yaseminelhan.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-04 07:10:34 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇪🇸 librebit	2026-06-04 06:31:43 (1 week ago)	Brute force	Brute-Force
🇫🇷 masterguru	2026-06-04 04:02:33 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.130 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-04 02:06:04 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:05:58.917062 2026] [security2:error] [pid 19720:tid 19720] [client 74.7.243.130:41842] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.magento.fritsknuf.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.magento.fritsknuf.com"] [uri "/php5.ini"] [unique_id "aiDdhpJTLKCDZIW6aHI4JgAAAAQ"], referer: https://www.magento.fritsknuf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Dorian GRANDHAY	2026-06-03 08:00:12 (1 week ago)	(PERMBLOCK) 74.7.243.130 (US/United States/-) has had more than 4 temp blocks in the last 604800 sec ... show more (PERMBLOCK) 74.7.243.130 (US/United States/-) has had more than 4 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 04:03:19 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:03:15.929578 2026] [security2:error] [pid 27915:tid 27919] [client 74.7.243.130:49224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.michaelrandon.com\|F\|2"] [data ".ethermania.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.michaelrandon.com"] [uri "/netduino-plus-2/www.ethermania.com"] [unique_id "ah-ng_P65oPSXMrU1f9FoQAAAAI"], referer: https://www.michaelrandon.com/netduino-plus-2/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-03 00:06:28 (1 week ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:58:10 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:58:02.773273 2026] [security2:error] [pid 1527:tid 1527] [client 74.7.243.130:50680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|crafft.cloudex.link\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crafft.cloudex.link"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ah81yuPU_szeEliN7izc1wAAAAE"], referer: https://crafft.cloudex.link/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 04:02:55 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 00:00:44.309246 2026] [security2:error] [pid 21463:tid 21463] [client 74.7.243.130:47956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|starsmogsandiego.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "starsmogsandiego.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ah5VbIA6JuNBAu39wxLAqAAAAAc"], referer: http://starsmogsandiego.com/author/starsmog_admin/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 279 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 176.31.139.12

🇺🇸 170.247.222.56

🇺🇸 170.247.221.126

🇺🇸 170.247.220.85

🇮🇹 82.53.82.254

🇩🇪 69.5.169.171

🇺🇸 52.4.194.99

🇺🇸 50.217.40.11

🇩🇪 185.242.3.195

🇨🇳 171.112.185.199

🇧🇷 168.196.152.138

🇺🇸 129.212.184.120

🇺🇸 64.62.156.144

🇨🇦 54.39.136.193

🇨🇦 51.222.168.63

🇺🇸 205.210.31.94

🇳🇱 195.178.110.30

🇧🇷 177.85.247.230

🇳🇱 176.65.149.135

🇺🇸 172.236.228.198